package pro.ccy.servlet;

import pro.ccy.JdbcUtils;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;

@WebServlet(urlPatterns = "/ccylogin")
public class LoginServlet extends HttpServlet {
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        doGet(req, resp);
    }

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        //使用Request的getParameter方法获取查询字符串中键为u 的值
        String username = req.getParameter("u");
        String password = req.getParameter("p");
        System.out.println("username:" +username);
        System.out.println("password:" +password);
        String code = req.getParameter("c");

        HttpSession session = req.getSession();
        Object ccc = session.getAttribute("ccc");
        boolean isTrue = code !=null && code.equals(ccc);

        if (!isTrue) {
            //输入的验证码和存储在session中的验证码的值不一致
            PrintWriter writer = resp.getWriter();
            writer.write("code is error");
            writer.flush();
            writer.close();
            return;
        }

        //TODO
        //查询数据库，验证账号密码的存在性
        String sql="SELECT id FROM `user` WHERE username = ? AND `password` = MD5(?)";
        Integer id = JdbcUtils.select(sql,Integer.class,username,password);
        if (id != null && id > 0) {
            session.setAttribute("UID",id);
            //重定向（跳转）到首页
            resp.sendRedirect("/ccy/index.jsp");
        } else {
            //重定向到登录页
            resp.sendRedirect("/ccy/login.jsp");
        }

    }
}
